ALT-PU-2019-2734-1
Package qt5-charts updated to version 5.12.4-alt0.M80C.1 for branch c8.1 in task 235556.
Closed vulnerabilities
BDU:2019-00921
Уязвимость функции QGifHandler кроссплатформенного фреймворка для разработки программного обеспечения Qt, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2019-00922
Уязвимость функции QXMLStreamReader компонента QXmlStream кроссплатформенного фреймворка для разработки программного обеспечения Qt, позволяющая нарушителю вызвать отказ в обслуживании или получить несанкционированный доступ к информации
BDU:2019-00951
Уязвимость класса QBmpHandler кроссплатформенного фреймворка для разработки программного обеспечения Qt, позволяющая нарушителю вызвать отказ в обслуживании или получить несанкционированный доступ к информации
BDU:2021-03456
Уязвимость компонента qsvghandler.cpp кроссплатформенного фреймворка для разработки программного обеспечения Qt, связанная с недостатком механизма проверки вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2021-03457
Уязвимость компонента QTgaFile кроссплатформенного фреймворка для разработки программного обеспечения Qt, связанная с ошибкой механизма контроля расходуемых ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2018-15518
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.
- openSUSE-SU-2018:4261
- openSUSE-SU-2018:4261
- openSUSE-SU-2020:1452
- openSUSE-SU-2020:1452
- openSUSE-SU-2020:1500
- openSUSE-SU-2020:1500
- openSUSE-SU-2020:1501
- openSUSE-SU-2020:1501
- openSUSE-SU-2020:1530
- openSUSE-SU-2020:1530
- RHSA-2019:2135
- RHSA-2019:2135
- RHSA-2019:3390
- RHSA-2019:3390
- https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
- https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
- https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
- https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
- https://codereview.qt-project.org/#/c/236691/
- https://codereview.qt-project.org/#/c/236691/
- https://codereview.qt-project.org/#/c/236691/
- https://codereview.qt-project.org/#/c/236691/
- [debian-lts-announce] 20190103 [SECURITY] [DLA 1627-1] qtbase-opensource-src security update
- [debian-lts-announce] 20190103 [SECURITY] [DLA 1627-1] qtbase-opensource-src security update
- [debian-lts-announce] 20190514 [SECURITY] [DLA 1786-1] qt4-x11 security update
- [debian-lts-announce] 20190514 [SECURITY] [DLA 1786-1] qt4-x11 security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2377-1] qt4-x11 security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2377-1] qt4-x11 security update
- USN-4003-1
- USN-4003-1
- DSA-4374
- DSA-4374
Modified: 2024-11-21
CVE-2018-19865
A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x, and 5.11.x before 5.11.3.
- http://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
- http://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
- openSUSE-SU-2019:1263
- openSUSE-SU-2019:1263
- openSUSE-SU-2019:1259
- openSUSE-SU-2019:1259
- https://codereview.qt-project.org/#/c/243666/
- https://codereview.qt-project.org/#/c/243666/
- https://codereview.qt-project.org/#/c/244569/
- https://codereview.qt-project.org/#/c/244569/
- https://codereview.qt-project.org/#/c/244687/
- https://codereview.qt-project.org/#/c/244687/
- https://codereview.qt-project.org/#/c/244845/
- https://codereview.qt-project.org/#/c/244845/
- https://codereview.qt-project.org/#/c/245283/
- https://codereview.qt-project.org/#/c/245283/
- https://codereview.qt-project.org/#/c/245293/
- https://codereview.qt-project.org/#/c/245293/
- https://codereview.qt-project.org/#/c/245312/
- https://codereview.qt-project.org/#/c/245312/
- https://codereview.qt-project.org/#/c/245638/
- https://codereview.qt-project.org/#/c/245638/
- https://codereview.qt-project.org/#/c/245640/
- https://codereview.qt-project.org/#/c/245640/
- https://codereview.qt-project.org/#/c/246630/
- https://codereview.qt-project.org/#/c/246630/
Modified: 2024-11-21
CVE-2018-19869
An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp.
- openSUSE-SU-2019:1116
- openSUSE-SU-2019:1116
- openSUSE-SU-2020:1452
- openSUSE-SU-2020:1452
- openSUSE-SU-2020:1500
- openSUSE-SU-2020:1500
- openSUSE-SU-2020:1501
- openSUSE-SU-2020:1501
- openSUSE-SU-2020:1530
- openSUSE-SU-2020:1530
- RHSA-2019:2135
- RHSA-2019:2135
- https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
- https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
- https://codereview.qt-project.org/#/c/234142/
- https://codereview.qt-project.org/#/c/234142/
- [debian-lts-announce] 20190514 [SECURITY] [DLA 1786-1] qt4-x11 security update
- [debian-lts-announce] 20190514 [SECURITY] [DLA 1786-1] qt4-x11 security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2377-1] qt4-x11 security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2377-1] qt4-x11 security update
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2422-1] qtsvg-opensource-src security update
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2422-1] qtsvg-opensource-src security update
Modified: 2024-11-21
CVE-2018-19870
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.
- openSUSE-SU-2019:1239
- openSUSE-SU-2019:1239
- RHSA-2019:2135
- RHSA-2019:2135
- RHSA-2019:3390
- RHSA-2019:3390
- https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
- https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
- https://codereview.qt-project.org/#/c/235998/
- https://codereview.qt-project.org/#/c/235998/
- [debian-lts-announce] 20190103 [SECURITY] [DLA 1627-1] qtbase-opensource-src security update
- [debian-lts-announce] 20190103 [SECURITY] [DLA 1627-1] qtbase-opensource-src security update
- [debian-lts-announce] 20190514 [SECURITY] [DLA 1786-1] qt4-x11 security update
- [debian-lts-announce] 20190514 [SECURITY] [DLA 1786-1] qt4-x11 security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2377-1] qt4-x11 security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2377-1] qt4-x11 security update
- USN-4003-1
- USN-4003-1
- DSA-4374
- DSA-4374
Modified: 2024-11-21
CVE-2018-19871
An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.
- openSUSE-SU-2019:1115
- openSUSE-SU-2019:1115
- RHSA-2019:2135
- RHSA-2019:2135
- https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
- https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
- https://codereview.qt-project.org/#/c/237761/
- https://codereview.qt-project.org/#/c/237761/
- [debian-lts-announce] 20190514 [SECURITY] [DLA 1786-1] qt4-x11 security update
- [debian-lts-announce] 20190514 [SECURITY] [DLA 1786-1] qt4-x11 security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2377-1] qt4-x11 security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2377-1] qt4-x11 security update
Modified: 2024-11-21
CVE-2018-19873
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
- openSUSE-SU-2018:4261
- openSUSE-SU-2018:4261
- openSUSE-SU-2020:1452
- openSUSE-SU-2020:1452
- openSUSE-SU-2020:1500
- openSUSE-SU-2020:1500
- openSUSE-SU-2020:1501
- openSUSE-SU-2020:1501
- openSUSE-SU-2020:1530
- openSUSE-SU-2020:1530
- RHSA-2019:2135
- RHSA-2019:2135
- RHSA-2019:3390
- RHSA-2019:3390
- https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
- https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
- https://codereview.qt-project.org/#/c/238749/
- https://codereview.qt-project.org/#/c/238749/
- [debian-lts-announce] 20190103 [SECURITY] [DLA 1627-1] qtbase-opensource-src security update
- [debian-lts-announce] 20190103 [SECURITY] [DLA 1627-1] qtbase-opensource-src security update
- [debian-lts-announce] 20190514 [SECURITY] [DLA 1786-1] qt4-x11 security update
- [debian-lts-announce] 20190514 [SECURITY] [DLA 1786-1] qt4-x11 security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2377-1] qt4-x11 security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2377-1] qt4-x11 security update
- USN-4003-1
- USN-4003-1
- DSA-4374
- DSA-4374